Today’s LiveWire Spotlight looks at a recently posted CMEP Practice Guide outlining the actions expected of Compliance Enforcement Authorities to assure uniformity in their cyber security (CIP) assessments of detection and monitoring equipment used to collect access control information at a BES Facility. The ERO Enterprise believes that the Practice Guide will give industry the direction it needs to support the DOE’s 100-day initiative to encourage the rapid deployment of advanced threat monitoring and response technologies – without risking a CIP violation and penalty assessment
As of 6/4/21, the CMEP Practice Guide for Network Monitoring Systems “took effect” across the U.S. and Canada. Clients should apply the guidance to verify that their sensors and data collection systems are properly categorized and appropriately secure from cyber-attacks.